Passwords commonly are used as authentication mechanisms for logging-in to user accounts for on-line services. When a user logs in to a user account from an untrusted computing device, software and/or hardware that is configured to capture keystrokes may be installed on the untrusted computing device. Consequently, the password used to log-in to the user account from the untrusted computing device may be captured potentially compromising the security of the user account.